<?php
/**
 * Created by PhpStorm.
 * User: renshan
 * Date: 16-6-18
 * Time: 下午2:32
 */

namespace ApiBundle\Controller;

use ApiBundle\Response\SecurityResponse;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

/**
 * Class SecurityController
 * @package ApiBundle\Controller
 * 用于登录帐号、修改帐号信息
 */
class SecurityController extends Controller
{
    private $response;
    private $security_response;


    /**
     * SecurityController constructor.
     * 初始化返回信息
     */
    public function __construct()
    {
        $this->response = new Response();
        $this->response->headers->set('Content-Type', 'application/json');
        $this->security_response = new SecurityResponse();
    }

    /**
     * @param Request $request
     * @return Response
     * 通过帐号和密码登录
     */
    public function loginAction(Request $request)
    {
        $status = 0;

        $username = $request->get('username');
        $password = $request->get('password');


        /**
         * 没有传入用户名
         */
        if(!$username) {
            $this->security_response->setStatus(SecurityResponse::EMPTY_USERNAME);
            $this->security_response->setMessage(SecurityResponse::EMPTY_USERNAME_MESSAGE);

            return $this->response->setContent($this->security_response);
        }

        /**
         * 没有传入密码
         */
        if(!$password) {
            $this->security_response->setStatus(SecurityResponse::EMPTY_PASSWORD);
            $this->security_response->setMessage(SecurityResponse::EMPTY_PASSWORD_MESSAGE);

            return $this->response->setContent($this->security_response);
        }

        $user_manager = $this->get('fos_user.user_manager');
        $user = $user_manager->findUserByUsername($username);

        /**
         * 帐号不存在
         */
        if(!$user) {
            $this->security_response->setStatus(SecurityResponse::USERNAME_NOT_EXISTS);
            $this->security_response->setMessage(SecurityResponse::USERNAME_NOT_EXISTS_MESSAGE);

            return $this->response->setContent($this->security_response);
        }

        /**
         * 密码错误
         */
        $encoder = $this->get('security.password_encoder');
        if(!$encoder->isPasswordValid($user, $password)) {
            $this->security_response->setStatus(SecurityResponse::PASSWORD_NOT_VALID);
            $this->security_response->setMessage(SecurityResponse::PASSWORD_NOT_VALID_MESSAGE);

            return $this->response->setContent($this->security_response);

        }

        /**
         * 至此，登录成功，更新用户数据并返回相应数据
         */
        $api_token = md5(uniqid(random_bytes(3)));
        $user->setApiToken($api_token);
        $user_manager->updateUser($user);

        $data = [
            'username'  => $user->getUsername(),
            'api_token' => $user->getApiToken()
        ];

        $this->security_response->setData($data);
        $this->security_response->setStatus(SecurityResponse::USER_IS_VALID);
        $this->security_response->setMessage(SecurityResponse::USER_IS_VALID_MESSAGE);


        return $this->response->setContent($this->security_response);
    }

}